FriendlyGreetings spam/malware


marti
October 26th, 2002, 12:33 AM
What is ESET's position on this malware?

McAfee doesn't consider it a virus, but has added (or will add) it to their definitions: http://vil.nai.com/vil/content/v_99760.htm

Symantec has a write up, but has not added it to their definitions: http://securityresponse.symantec.com/avcenter/venc/data/friendgreetings.html

CA/eTrust has a write up, but no definition: http://www3.ca.com/virusinfo/virus.asp?ID=13444

CARCHARODON
October 26th, 2002, 12:38 AM
I'll tell you I'm not a big fan of it... It's just a worm that asks for permission... thanks Marti.

marti
October 26th, 2002, 12:46 AM
I have seen warnings about "friendly greetings" posted in Wilders (not sure which forum), DSLR, and PC Q&A.

My position is that the AV folks should include it in their definitions, as it does send an email to everyone in your address book (Microsoft programs only).

LowWaterMark
October 26th, 2002, 12:58 AM
marti wrote:
> My position is that the AV folks should include it in their definitions, as it does send an email to everyone in your address book (Microsoft programs only).

Yes, that is pretty bad. They can say, well, "People need to read the EULA", but I think people just look for the fastest way to get those off their screens.

Here's the related link on Wilders:

http://www.wilderssecurity.com/showthread.php?t=4429;start=0;boardseen=1

marti
October 26th, 2002, 01:08 AM
Good old "social engineering" at work. Real viruses use it, and use it effectively.

rodzilla
October 26th, 2002, 01:52 AM
marti wrote:
> What is ESET's position on this malware?
>
> McAfee doesn't consider it a virus, but has added (or will add) it to their definitions: http://vil.nai.com/vil/content/v_99760.htm
>
> Symantec has a write up, but has not added it to their definitions: http://securityresponse.symantec.com/avcenter/venc/data/friendgreetings.html
>
> CA/eTrust has a write up, but no definition: http://www3.ca.com/virusinfo/virus.asp?ID=13444

My own gut feeling is that it should be included ... after all, it is a worm ... just a worm which asks for your permission to do its worming.

I don't like what it does, and in my opinion the EULA doesn't warn strongly enough that you'll spam everyone you know if you agree to it ... but a judge may consider it to be a legitimate program, in which case there would be legal ramifications if antivirus software detected and blocked it as a virus.

The other side of the coin of course is that if this spamware is legally declared kosher by a judge then virus coders could conceivably use that precedent to "legalize" the spreading of their own little nasties simply by tagging on ambiguous EULAs.

Maybe a new virus category ... "Legal Worm" ... is needed. :)